Powered by GitBook

WIRESHARK

Basic Filters:

ip.addr  == 192.168.50.8                      | Filter specific IP address

ip.src   == 192.168.50.8                      | Source IP

ip.dst   == 192.168.50.8                      | Destination IP

arp                                           | ARP Protcol 

http                                          | HTTP Protocol              

icmp                                          | ICMP Protocol (Pings)

dns                                           | DNS Protocol

tcp.port == [port Number]                     | Filter specific TCP port

udp.port == [Port Number]                     | Filter specific UDP port

tcp contains "word"                           | search for word in a TCP packet


http.authbasic                                | Capturing credentials on HTTP

Using Operators:

ip.addr  == 192.168.50.8  and (dns or http)       | show dns or http traffic coming or going from the IP address


ip.address == 192.168.50.8 and 
tcp.flag.syn ==1 and tcp.flag.ack ==1             | filter SYN-ACK flags


icmp.type == 8                                    | filter ICMP requests


icmp.type == 0                                     | filter ICMP replies

results matching ""

No results matching ""